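// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_
#define LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_

#include <stdint.h>  // int64_t, used by GetScatterFactorInSeconds().

#include <memory>
#include <set>
#include <string>
#include <utility>
#include <vector>

#include <base/files/file_path.h>
#include <base/macros.h>

#include "bindings/chrome_device_policy.pb.h"
#include "bindings/device_management_backend.pb.h"
#include "install_attributes/libinstallattributes.h"
#include "policy/device_policy.h"

#pragma GCC visibility push(default)

namespace policy {

// This class holds device settings that are to be enforced across all users.
//
// Before serving it to the users this class verifies that the policy is valid
// against its signature and the owner's key and also that the policy files
// are owned by root.
//
// Both checks are controlled by the private flags |verify_root_ownership_| and
// |verify_policy_|, which default to true and are only changed through the
// *_for_testing setters below.
class DevicePolicyImpl : public DevicePolicy {
 public:
  DevicePolicyImpl();
  ~DevicePolicyImpl() override;

  // Returns a reference to the device settings proto held by this object. The
  // reference is to a member, so it must not be used after this object is
  // destroyed.
  const enterprise_management::ChromeDeviceSettingsProto& get_device_policy()
      const {
    return device_policy_;
  }

  // DevicePolicy overrides:
  // Each getter writes its result through the pointer argument and returns a
  // bool. NOTE(review): the meaning of the return value is defined by the base
  // class in policy/device_policy.h, which is not shown here - confirm there.
  bool LoadPolicy() override;
  bool IsEnterpriseEnrolled() const override;
  bool GetPolicyRefreshRate(int* rate) const override;
  bool GetUserWhitelist(
      std::vector<std::string>* user_whitelist) const override;
  bool GetGuestModeEnabled(bool* guest_mode_enabled) const override;
  bool GetCameraEnabled(bool* camera_enabled) const override;
  bool GetShowUserNames(bool* show_user_names) const override;
  bool GetDataRoamingEnabled(bool* data_roaming_enabled) const override;
  bool GetAllowNewUsers(bool* allow_new_users) const override;
  bool GetMetricsEnabled(bool* metrics_enabled) const override;
  bool GetReportVersionInfo(bool* report_version_info) const override;
  bool GetReportActivityTimes(bool* report_activity_times) const override;
  bool GetReportBootMode(bool* report_boot_mode) const override;
  bool GetEphemeralUsersEnabled(bool* ephemeral_users_enabled) const override;
  bool GetReleaseChannel(std::string* release_channel) const override;
  bool GetReleaseChannelDelegated(
      bool* release_channel_delegated) const override;
  bool GetUpdateDisabled(bool* update_disabled) const override;
  bool GetTargetVersionPrefix(
      std::string* target_version_prefix) const override;
  bool GetRollbackToTargetVersion(
      int* rollback_to_target_version) const override;
  bool GetRollbackAllowedMilestones(
      int* rollback_allowed_milestones) const override;
  bool GetScatterFactorInSeconds(
      int64_t* scatter_factor_in_seconds) const override;
  bool GetAllowedConnectionTypesForUpdate(
      std::set<std::string>* connection_types) const override;
  bool GetOpenNetworkConfiguration(
      std::string* open_network_configuration) const override;
  bool GetOwner(std::string* owner) const override;
  bool GetHttpDownloadsEnabled(bool* http_downloads_enabled) const override;
  bool GetAuP2PEnabled(bool* au_p2p_enabled) const override;
  bool GetAllowKioskAppControlChromeVersion(
      bool* allow_kiosk_app_control_chrome_version) const override;
  bool GetUsbDetachableWhitelist(
      std::vector<UsbDeviceId>* usb_whitelist) const override;
  bool GetAutoLaunchedKioskAppId(std::string* app_id_out) const override;
  bool IsEnterpriseManaged() const override;
  bool GetSecondFactorAuthenticationMode(int* mode_out) const override;
  bool GetDisallowedTimeIntervals(
      std::vector<WeeklyTimeInterval>* intervals_out) const override;
  bool GetDeviceUpdateStagingSchedule(
      std::vector<DayPercentagePair>* staging_schedule_out) const override;
  bool GetDeviceQuickFixBuildToken(
      std::string* device_quick_fix_build_token) const override;
  bool GetDeviceDirectoryApiId(
      std::string* device_directory_api_out) const override;

  // Methods that can be used only for testing.
  //
  // NOTE(review): these setters are public and this header is exported with
  // default visibility, so nothing visible here stops a non-test caller from
  // using them. They can replace the loaded policy, redirect the policy and
  // key file paths, and switch off the root-ownership and signature checks
  // described in the class comment. Production code must not call them and
  // must leave both verification flags at their default of true.

  // Overwrites the stored PolicyData with a copy of |policy_data|.
  void set_policy_data_for_testing(
      const enterprise_management::PolicyData& policy_data) {
    policy_data_ = policy_data;
  }
  // Passing false makes VerifyPolicyFile() skip its root-ownership check.
  void set_verify_root_ownership_for_testing(bool verify_root_ownership) {
    verify_root_ownership_ = verify_root_ownership;
  }
  // Takes ownership of |install_attributes_reader|, replacing any reader
  // currently held.
  void set_install_attributes_for_testing(
      std::unique_ptr<InstallAttributesReader> install_attributes_reader) {
    install_attributes_reader_ = std::move(install_attributes_reader);
  }
  // Overwrites the stored device settings with a copy of |device_policy|.
  void set_policy_for_testing(
      const enterprise_management::ChromeDeviceSettingsProto& device_policy) {
    device_policy_ = device_policy;
  }
  // Replaces the path of the default policy file.
  void set_policy_path_for_testing(const base::FilePath& policy_path) {
    policy_path_ = policy_path;
  }
  // Replaces the path stored in |keyfile_path_|.
  void set_key_file_path_for_testing(const base::FilePath& keyfile_path) {
    keyfile_path_ = keyfile_path;
  }
  // Passing false disables all types of verification (see |verify_policy_|).
  void set_verify_policy_for_testing(bool value) { verify_policy_ = value; }

 private:
  // Verifies that both the policy file and the signature file exist and are
  // owned by the root. Does nothing when |verify_root_ownership_| is set to
  // false.
  bool VerifyPolicyFile(const base::FilePath& policy_path);

  // Verifies that the policy signature is correct.
  bool VerifyPolicySignature() override;

  // Loads policy off of disk from |policy_path| into |policy_|. Returns true if
  // the |policy_path| is present on disk and loading it is successful.
  bool LoadPolicyFromFile(const base::FilePath& policy_path);

  // Path of the default policy file, e.g. /path/to/policy. In order to make
  // device policy more resilient against broken files, this class also tries to
  // load indexed paths /path/to/policy.1, /path/to/policy.2 etc., see
  // resilient_policy_utils.h.
  base::FilePath policy_path_;
  // NOTE(review): presumably the path of the owner key file used by
  // VerifyPolicySignature() - confirm against the implementation file.
  base::FilePath keyfile_path_;
  std::unique_ptr<InstallAttributesReader> install_attributes_reader_;
  // Policy as loaded by LoadPolicyFromFile().
  enterprise_management::PolicyFetchResponse policy_;
  // NOTE(review): |policy_data_| and |device_policy_| are presumably parsed
  // out of |policy_| during LoadPolicy() - confirm in the implementation file.
  enterprise_management::PolicyData policy_data_;
  enterprise_management::ChromeDeviceSettingsProto device_policy_;

  // If true, verify that policy files are owned by root. True in production
  // but can be set to false by tests.
  bool verify_root_ownership_ = true;
  // If false, all types of verification are disabled. True in production
  // but can be set to false by tests.
  bool verify_policy_ = true;

  DISALLOW_COPY_AND_ASSIGN(DevicePolicyImpl);
};
}  // namespace policy

#pragma GCC visibility pop

#endif  // LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_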